Major NFS Bugs Found & Being Fixed
mbadolato writes "From an article at kerneltrap.org: On the FreeBSD hacker mailing list, Jordan Hubbard commented on some serious issues with NFS, posting a tool called 'fsx' - originally developed for the NeXT OS - that was ideal for finding them. Matt Dillon was quite impressed by the tool and immediately started playing with it. In very little time, he presented a number of major fixes...
There's a good collection of the emails here describing some of the fixes that Matt Dillon has made."
Apparently Matt found one bug in the softupdates code and reported it to McKusick, who has written a patch. Matt is still testing the new code in -current and if everything works ok it will be MFC'ed to -stable within one week, so that this code makes it for 4.5-RELEASE that is coming soon.
It was already discussed on the kernel mailing list.
Including a (trivial) port to GNU/Linux.
Local filesystems are OK (except for ReiserFS), but NFS does show some problems.
http://www.uwsg.indiana.edu/hypermail/linux/kernel/0112.1/1573.html
In essence, the problem is seen on reiserfs (being investigated) and also in NFS. No-one has mentioned following up on the NFS problems yet...
Nor have problems yet been seen in XFS, Ext2 or Ext3.
Would you rather be oblivious? As it stands, *BSD fans see this note, and a lot of work is going into developing a fix, not only for BSD, but for Linux as well - if you want to follow the status, follow the links/mirrors/forums. The tool these guys are using (publicly available) has discovered major flaws in the internal VM implementation - what are the odds you'd EVER hear of that with M$? (BTW, has anyone run this against M$'s NFS implementations?)
Besides, part of the fun of open-source is watching the evolution. The emails documenting how this evolved are fun to read - wonder what M$'s equivalents say? We'll never know....
I love vegetarians - some of my favorite foods are vegetarians.
People using fsx found bugs in NFS, not security holes. Furthermore, by default, Sun and Linux machines do not export file systems, and NFS is not intended for use on unsecure networks (NFS is intrinsically not secure unless your network is secure, and this is documented). And neither Sun nor Linux are consumer operating systems--if you run them, you should know about proper system management and security.
Microsoft, in contrast, shipped a consumer operating system that, when used as intended, out of the box, was wide open to take-over over the Internet. They have done similar things in the past with browsers and other software. That's not a "little security flaw", it's a major goof.
Finally, both NFS and SMB came out of a closed source big corporate culture. They are both awful. The only reason they are still used is because of their corporate backing. You can blame Sun and Microsoft for that, not the open source community.